Details of VAR-201607-0387

ID

VAR-201607-0387

CVE

CVE-2016-4531

TITLE

Rockwell Automation FactoryTalk EnergyMetrix Vulnerabilities that gain access

Trust: 0.8

sources: JVNDB: JVNDB-2016-004094

DESCRIPTION

Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. Rockwell Automation FactoryTalk EnergyMetrix Contains a vulnerability that allows access rights to be obtained. Supplementary information : CWE Vulnerability type by CWE-285: Improper Authorization ( Inappropriate authentication ) Has been identified. http://cwe.mitre.org/data/definitions/285.htmlA third party may gain access by using an unattended workstation. Rockwell Automation FactoryTalk EnergyMetrix is a Web-based software management package for capturing, analyzing, storing, and sharing energy data from Rockwell Automation. Rockwell Automation FactoryTalk EnergyMetrix is prone to multiple security vulnerabilities. An attacker may exploit these issues to perform unauthorized actions or to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database

Trust: 2.7

sources: NVD: CVE-2016-4531 // JVNDB: JVNDB-2016-004094 // CNVD: CNVD-2016-05947 // BID: 92135 // IVD: fcec3aa8-7b6b-4d5f-a5ec-8ae0369b645f // VULHUB: VHN-93350

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: fcec3aa8-7b6b-4d5f-a5ec-8ae0369b645f // CNVD: CNVD-2016-05947

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	factorytalk energrymetrix	scope:	lte	version:	2.10.00	Trust: 1.0
vendor:	rockwell automation	model:	factorytalk energymetrix	scope:	lt	version:	2.20.00	Trust: 0.8
vendor:	rockwell	model:	automation factorytalk energymetrix	scope:	lt	version:	2.20.00	Trust: 0.6
vendor:	rockwellautomation	model:	factorytalk energrymetrix	scope:	eq	version:	2.10.00	Trust: 0.6
vendor:	rockwell	model:	automation factorytalk energymetrix	scope:	eq	version:	2.10	Trust: 0.3
vendor:	rockwell	model:	automation factorytalk energymetrix	scope:	ne	version:	2.30	Trust: 0.3
vendor:	rockwell	model:	automation factorytalk energymetrix	scope:	ne	version:	2.20	Trust: 0.3
vendor:	factorytalk energrymetrix	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: fcec3aa8-7b6b-4d5f-a5ec-8ae0369b645f // CNVD: CNVD-2016-05947 // BID: 92135 // JVNDB: JVNDB-2016-004094 // CNNVD: CNNVD-201607-1015 // NVD: CVE-2016-4531

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-4531
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-4531
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-05947
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201607-1015
value:	HIGH
Trust: 0.6
IVD:	fcec3aa8-7b6b-4d5f-a5ec-8ae0369b645f
value:	HIGH
Trust: 0.2
VULHUB:	VHN-93350
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-4531
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-05947
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	fcec3aa8-7b6b-4d5f-a5ec-8ae0369b645f
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-93350
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-4531
baseSeverity:	HIGH
baseScore:	7.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	3.4
version:	3.0
Trust: 1.8

sources: IVD: fcec3aa8-7b6b-4d5f-a5ec-8ae0369b645f // CNVD: CNVD-2016-05947 // VULHUB: VHN-93350 // JVNDB: JVNDB-2016-004094 // CNNVD: CNNVD-201607-1015 // NVD: CVE-2016-4531

PROBLEMTYPE DATA

problemtype:	CWE-285	Trust: 1.1
problemtype:	CWE-Other	Trust: 0.8

sources: VULHUB: VHN-93350 // JVNDB: JVNDB-2016-004094 // NVD: CVE-2016-4531

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201607-1015

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201607-1015

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004094

PATCH

title:	FactoryTalk EnergyMetrix	url:	http://www.rockwellautomation.com/rockwellsoftware/products/factorytalk-energymetrix.page	Trust: 0.8
title:	Find Downloads	url:	http://compatibility.rockwellautomation.com/Pages/MultiProductDownload.aspx?famID=1&crumb=112	Trust: 0.8
title:	Patch for Rockwell Automation FactoryTalk EnergyMetrix Privilege Escalation Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/80038	Trust: 0.6
title:	Rockwell Automation FactoryTalk EnergyMetrix Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63344	Trust: 0.6

sources: CNVD: CNVD-2016-05947 // JVNDB: JVNDB-2016-004094 // CNNVD: CNNVD-201607-1015

EXTERNAL IDS

db:	NVD	id:	CVE-2016-4531	Trust: 3.6
db:	ICS CERT	id:	ICSA-16-173-03	Trust: 3.4
db:	BID	id:	92135	Trust: 2.0
db:	CNNVD	id:	CNNVD-201607-1015	Trust: 0.9
db:	CNVD	id:	CNVD-2016-05947	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-004094	Trust: 0.8
db:	IVD	id:	FCEC3AA8-7B6B-4D5F-A5EC-8AE0369B645F	Trust: 0.2
db:	VULHUB	id:	VHN-93350	Trust: 0.1

sources: IVD: fcec3aa8-7b6b-4d5f-a5ec-8ae0369b645f // CNVD: CNVD-2016-05947 // VULHUB: VHN-93350 // BID: 92135 // JVNDB: JVNDB-2016-004094 // CNNVD: CNNVD-201607-1015 // NVD: CVE-2016-4531

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-16-173-03	Trust: 3.4
url:	http://www.securityfocus.com/bid/92135	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4531	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4531	Trust: 0.8
url:	http://www.rockwellautomation.com/	Trust: 0.3

sources: CNVD: CNVD-2016-05947 // VULHUB: VHN-93350 // BID: 92135 // JVNDB: JVNDB-2016-004094 // CNNVD: CNNVD-201607-1015 // NVD: CVE-2016-4531

CREDITS

Rockwell Automation

Trust: 0.3

sources: BID: 92135

SOURCES

db:	IVD	id:	fcec3aa8-7b6b-4d5f-a5ec-8ae0369b645f
db:	CNVD	id:	CNVD-2016-05947
db:	VULHUB	id:	VHN-93350
db:	BID	id:	92135
db:	JVNDB	id:	JVNDB-2016-004094
db:	CNNVD	id:	CNNVD-201607-1015
db:	NVD	id:	CVE-2016-4531

LAST UPDATE DATE

2025-04-13T23:09:34.500000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-05947	date:	2016-08-03T00:00:00
db:	VULHUB	id:	VHN-93350	date:	2016-11-28T00:00:00
db:	BID	id:	92135	date:	2016-07-26T00:00:00
db:	JVNDB	id:	JVNDB-2016-004094	date:	2016-08-01T00:00:00
db:	CNNVD	id:	CNNVD-201607-1015	date:	2016-07-29T00:00:00
db:	NVD	id:	CVE-2016-4531	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	IVD	id:	fcec3aa8-7b6b-4d5f-a5ec-8ae0369b645f	date:	2016-08-03T00:00:00
db:	CNVD	id:	CNVD-2016-05947	date:	2016-08-03T00:00:00
db:	VULHUB	id:	VHN-93350	date:	2016-07-28T00:00:00
db:	BID	id:	92135	date:	2016-07-26T00:00:00
db:	JVNDB	id:	JVNDB-2016-004094	date:	2016-08-01T00:00:00
db:	CNNVD	id:	CNNVD-201607-1015	date:	2016-07-29T00:00:00
db:	NVD	id:	CVE-2016-4531	date:	2016-07-28T02:02:12.700